Free v3.12.2 with compatibility & security fixes is available

For even more features and optimizations (see the comparision page), please use the integrated pro upgrader to start a free 30-day-trial of Maps Marker Pro.

Maps Marker Pro v4.0 has also been released today and features a complete object-oriented rewrite of the codebase. While this process took quite a few months to complete, the long-term benefits are absolutely worth it. Not only does the new code dramatically decrease load times and enhance security, but it also makes it much easier for us to fix bugs or implement new features.

complete rewrite / refactorization of the code base from procedural to object oriented

separation of JavaScript from PHP to allow for caching and significantly increase page loading speed

If you want to keep up to date with the latest Maps Marker development, please follow @MapsMarker on twitter (= most current updates), on Facebook, Google+ or subscribe to news via RSS or via RSS/email.

removed MapQuest basemap support (due to MapQuest basemaps now requiring their own API, making them incompatible to be implemented into a standard Leaflet installation; existing MapQuest maps will be switched to OpenStreetMap automatically)

Bugfixes

incompatibility with Apache v2.4 and htaccess/allow from all (thx stafmans!)

Security fixes

Since the start of our security bug bounty program on May 19th we have received several vulnerability reports – due to our attention on secure coding and 3 penetration tests in the last 4 years no severe or critical issues were found though. All but the first issue from the list below could only have been exploited by users with backend access – and in most cases with admin users only.

Some additional thoughts why those vulnerabilities were not detected by us so far, although we are doing regular security checks: the attack vector of an admin who e.g. inject malicious code into Leaflet Maps Marker settings was not completely covered by us so far, as such an attacker would have had direct access to theme or plugin files – making it much easier to e.g. inject malicious code or change database tables directly than to use Leaflet Maps Marker for Cross site scripting.

Nevertheless although the exploitability of the reported vulnerabilities is low, we take those reports seriously and fixed all of them respectively hardened our entire codebase to prevent future similar vulnerabilities.

The easiest way to update is to use the WordPress update process: login with an user who has admin privileges, navigate to Dashboard / Updates, select plugins to update and press the button “Update Plugins”. Alternatively you can also download the current version here, unzip the package and overwrite the plugin´s files on your webserver.

Share your favorite spots and tracks with Maps Marker Pro, the most comprehensive geo-content management system for WordPress with a moral code. We never store your geolocation data and keep up with latest security standards. Start plotting right away and customize a multitude of features as you go. Happy mapping!